QoS - Service Policy Input for limiting traffic

oguarisco · ‎10-10-2013

Dear all,

I would like to apply a Service Policy Input on some Gigabit ports on Cat4500 platform for the following action:

Packet Classification - based on ACL
Marking - based with the DSCP rewrite based on classification
Policing/Shaping - limiting the Bandwidth to some Mb for each of the traffic classes definied

Is this working??? I'm pretty sure that I can do both packet classification and marking but what about Policing/Shaping? Is this possible?

Otherwise how can I achieve that results considering that I've to apply this limit in input on some ports?

Thanks for a feedback

O.

Lei Tian · ‎10-10-2013

Hi,

Classification, marking and policing should be supported on the ingress direction. Shaping is usually on the egress direction, probably not supported. What sup do you use?

HTH,

Lei Tian

oguarisco · ‎10-10-2013

Hi,

I've SUP7L-E with IOS XE 3.4.0SG and at the ingress port the Service Policy is doing classification, marking but is not working on limiting the Bandwidth using the following configuration (the class-map is based on a ACL):

policy-map TEST

class A

set dscp ef

police 2000000 conform-action transmit exceed-action transmit

class B

set dscp cs4

police 20000000 conform-action transmit exceed-action drop

class DATA

set dscp default

police 11000000 conform-action transmit exceed-action drop

Thanks

Lei Tian · ‎10-10-2013

Hi,

So you are saying the switch took the command, but policer doesnt work as expected? How did you test it?

HTH,

Lei Tian

oguarisco · ‎10-10-2013

Hi,

Yes the switch took the command and it's on the config... since on the same port we've a similar OUTPUT Policy we 've done some initial test using a speed test with a device that was classified on the class DATA and we've noticed the following results:

- INPUT POLICY traffic was not blocked to 11MB and reach always more speed around 100MB

- OUTPUT POLICY traffic was correctly blocked around 10-11MB max.

tnx

O.

Lei Tian · ‎10-10-2013

Hi,

How's your class-map look like?

HTH,

Lei Tian

oguarisco · ‎10-10-2013

like this one:

class-map match-all DATA

match access-group name ACL_IN

where the ACL syntax is the following:

ip access-list extended ACL_IN

permit ip 10.X.X.X 0.X.X.X any

the source IP subnet 10.X.X.X is a VLAN where all these ports belongs, but I would like to been able to give to each port the same BW.

Thnaks a lot for your support!

Lei Tian · ‎10-10-2013

Hi,

Are policy-map applied on interface level or vlan based? I think this should work.

HTH,

Lei Tian

oguarisco · ‎10-10-2013

Hi,

I thought me too it wasd working :-)))... but in fact the traffic in input is not limited

the Service Policy input is applied to each Physical Interface

Thx

O.

Lei Tian · ‎10-11-2013

Hi,

Might be worth also to try a different software version?

HTH,

Lei Tian

oguarisco · ‎10-14-2013

Hi,

I thought it could be a bug... It's difficult to test/prove it since all the switches are in production and if I'll do an upgrade it is because I'm sure this will solve the problem...BTW the only SW available would be the XE3.5.0...

O.